Skip to main content
  • 1658 Accesses

Abstract

Data protection is a recent addition to national legal frameworks. Data protection has evolved as a tool of privacy over the Internet. Yet, privacy generally means different things to different people and nation states. The international community has in part developed high level agreed principles for protecting individual’s personal data online. However, there is a lack of international law in this area. The current approach is fragmented, inconsistent and incoherent. While many states have looked to the EU model, other models have emerged. This book will highlight, what in our view, are the models that have been developed by states to address the protection of personal data over the Internet (see Chap. 15).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 149.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 199.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 199.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    This chapter draws on the earlier work of Robert Walters, Leon Trakman, Bruno Zeller Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019).

  2. 2.

    Chesterman, S, Data Protection Law in Singapore: Privacy and Sovereignty in an Interconnected World, second edition; Singapore: Academy Publishing, (2018), 1–9.

  3. 3.

    Ibid.

  4. 4.

    Ibid.

  5. 5.

    In Quotes Le Kwan Yew, BBC, 2015, https://www.bbc.com/news/world-asia-31582842

  6. 6.

    Greenleaf, G, The influence of European data privacy standards outside Europe: Implications for globalisation of Convention 108, University of Edinburgh School of Law Research Paper 2012/12.

  7. 7.

    Ibid.

  8. 8.

    Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019).

  9. 9.

    Council of Europe, Council of Europe data Protection Convention (Convention 108), Convention for the protection of individuals with regard to the processing of personal data

    https://www.coe.int/en/web/data-protection/convention108-and-protocol

  10. 10.

    Greenleaf, G, The influence of European data privacy standards outside Europe: Implications for globalisation of Convention 108, University of Edinburgh School of Law Research Paper 2012/12.

  11. 11.

    Ibid.

  12. 12.

    Richards, N., Hartzog, W, Privacy’s Constitutional Moment, Washington University School of Law; Yale Information Society Project. Northeastern University School of Law (2019).

  13. 13.

    Ibid.

  14. 14.

    Ibid, Kaminski, M, Binary Governance: Lessons from the GDPR’s Approach to Algorithmic Accountability, 92 S. CAL. L. REV. (2019).

  15. 15.

    Ibid, Schwartz, P, Global Data Privacy: The E.U. Way, 94 N.Y.U. L. Rev. (2019); Anu Bradford, The Brussels Effect, 107 Nw. U. L. Rev. 1 (2012).

  16. 16.

    Ibid.

  17. 17.

    Ibid, McGeveran, W, Privacy and Data Protection Law, Foundation Press; first Edit, (2016).

  18. 18.

    Richards, N., Hartzog, W, Privacy’s Constitutional Moment, Washington University School of Law; Yale Information Society Project. Northeastern University School of Law (2019).

  19. 19.

    Ibid.

  20. 20.

    Judge lets Facebook privacy lawsuit proceed, calls company’s views ‘so wrong’

    By Reuters September 10, 2019, https://nypost.com/2019/09/10/judge-lets-facebook-privacy-class-action-proceed-calls-companys-views-so-wrong/

  21. 21.

    Ibid.

  22. 22.

    Ibid.

  23. 23.

    Ibid.

  24. 24.

    Kong, L, Enacting China’s Data Protection Act, International Journal of Law and Information Technology, Volume 18, Issue 3, (2010), 197–226.

  25. 25.

    Ibid.

  26. 26.

    Ibid.

  27. 27.

    Ibid.

  28. 28.

    Ibid.

  29. 29.

    Ibid.

  30. 30.

    Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019) 5–15.

  31. 31.

    De Hert p, Gutwirth S, (2006) Privacy, Data Protection and Law Enforcement. Opacity of the Individual and Transparency of Power, in Claes E, Duff A, Gutwirth S, Privacy and the Criminal Law, Antwerp-Oxford, Intersentia, 61–104, in Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019).

  32. 32.

    International Organisation for Standardisation/IEC 2382–1-1993 and its successors.

  33. 33.

    Kokott J, Sobotta C, (2013) The distinction between privacy and data protection in the jurisprudence of the CJEU and the ECtHR, International Data Privacy Law, Oxford University Press, vol 3, Issue 4, 22–228, in Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019).

  34. 34.

    International Law Commission Report, Annex D, para. 11.

  35. 35.

    Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019) 401–421.

  36. 36.

    International Law Commission Report, Annex D, para. 11.

  37. 37.

    Ibid.

  38. 38.

    Walters, R., Trakman, L., Zeller, B, Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer (2019) 401–421.

  39. 39.

    Ibid.

  40. 40.

    Ibid.

  41. 41.

    International Organization of Securities Commissions, Harmonization of critical OTC derivatives data elements (other than UTI and UPI) – third batch.

  42. 42.

    Organisation for Economic Cooperation and Development, https://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm

  43. 43.

    Ibid.

  44. 44.

    Asia-Pacific Economic Cooperation, https://www.apec.org/Groups/Committee-on-Trade-and-Investment/Electronic-Commerce-Steering-Group, in Robert Walters, Leon Trakman, Bruno Zeller, (2019) Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer, 401–421.

  45. 45.

    Ibid.

  46. 46.

    Ibid. These include Preventing Harm, to prevent the misuse of information; Notice, ensuring that individuals are able to know what information is collected about them and for what purpose; Collection limitations, of personal information that is relevant to the purposes; Uses, should be used only to fulfill the purposes of collection; Choice, ensure that individuals are provided with choice in relation to the collection, use, transfer, and disclosure of their personal information; Integrity, to ensure personal information is accurate, complete, and kept up to date; Security, so as personal information is not used in a way to compromise the individual to who the data applies; Access and Correction, so as individuals have the ability to access and correct their personal information; and Accountability, to ensure organizations and individuals handling personal data are accountable.

  47. 47.

    Walters, R., Trakman, L., Zeller, B, (2019) Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer, 401–421.

  48. 48.

    Callo-Müller, MV, GDPR and CBPR: Reconciling Personal Data Protection and Trade, APEC Policy Support Unit Policy Breif No. 23 October 2018.

  49. 49.

    Ibid.

  50. 50.

    Ibid.

  51. 51.

    Ibid.

  52. 52.

    Asia Pacific Privacy Authorities, http://www.appaforum.org/members

  53. 53.

    Ibid. One of the gaps in the APEC policy framework has been addressing the cross-border transfer of data. Firstly, in 2014, the APEC and the European Union’s Article 29 Working Party (on Data Protection) released Binding Corporate Rules (BCR). The BCRs govern international data transfers within companies or groups of companies. They reflect a code of conduct which defines the company policy on data transfers. Secondly, the APEC Cross Border Privacy Enforcement Arrangement (CPEA) established in 2015, underpins the Policy Framework to establish regional cooperation for enforcing Privacy Laws. APEC’s Electronic Commerce Steering Group (ECSG) promotes the development and use of electronic commerce by supporting the creation of legal, regulatory and policy environments in the APEC region that are predictable, transparent and consistent. Since 2011, APEC has been undertaking a lot of work in the area of data protection and issues the Cross Border Privacy Rules System. The Rules system balance the flow of data across borders of member countries, and at the same time ensure effective protections are in place for private and personal information. In 2015, they established the Privacy Recognition for Processors (PRP) System, which assists controllers in complying with relevant privacy obligations, and helps controllers identify accountable processors. In the same year, APEC released the Privacy Framework that promotes electronic commerce throughout the Asia Pacific region.

  54. 54.

    Brunei, Indonesia, Cambodia, Lao, Malaysia, Myanmar, Philippines, Singapore, Thailand, Vietnam.

  55. 55.

    Association of South East Nations, Human Rights Declaration 2012, http://www.refworld.org/docid/50c9fea82.html

  56. 56.

    Walters, R., Trakman, L., Zeller, B, (2019) Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer, 401–421.

  57. 57.

    Ibid.

  58. 58.

    Ibid.

  59. 59.

    Ibid.

  60. 60.

    ASEAN Economic Community, http://investasean.asean.org/index.php/page/view/asean-economic-community/view/670/newsid/755/about-aec.html

  61. 61.

    ASEAN Economic Community 2025 Consolidated Strategic Action Plan, http://asean.org/storage/2017/02/Consolidated-Strategic-Action-Plan.pdf

  62. 62.

    Convention on Cybercrime Budapest, 23.XI.2001 European Treaty Series – No. 185.

  63. 63.

    Clement, J, Internet usage worldwide – Statistics & Facts, https://www.statista.com/topics/1145/internet-usage-worldwide/

  64. 64.

    Ibid.

  65. 65.

    Ibid.

  66. 66.

    Ibid, Market Value of the largest internet companies worldwide 2019 https://www.statista.com/statistics/277483/market-value-of-the-largest-internet-companies-worldwide/ Statista provided approval for the use of these statistics.

  67. 67.

    Ibid.

  68. 68.

    Ibid.

  69. 69.

    Ibid.

  70. 70.

    Clarke, R., Greenleaf, G, Dataveillance Regulation: A Research Framework, Journal of Law and information Science, 25, 1 (2018).

  71. 71.

    Ibid.

  72. 72.

    Alam, Mohammad Arif Ul; Roy, Nirmalya; Misra, Archan; and Taylor, Joseph. CACE: Exploiting behavioral interactions for improved activity recognition in multi-inhabitant smart homes. (2016). 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS): Nara, Japan, June 27–30: Proceedings. 539–548. Research Collection School of Information Systems.

  73. 73.

    Muhammad Habibur Rehman, Chee Sun Liew, Teh Ying Wah, Junaid Shuja and Babak Daghighi, Mining Personal Data Using Smartphones and Wearable Devices: A Survey, Faculty of Computer Science and Information Technology, 2015–15, 443–444.

  74. 74.

    United States Patent, No. 7, 930, 197, B2. https://patentimages.storage.googleapis.com/ee/8f/2c/0bd80a64ef6a52/US7930197.pdf

  75. 75.

    Ibid.

  76. 76.

    Graham Greenleaf, Thematic: Technology and the Professions, UNSW Law Journal Volume 40(1) (2017), 310.

  77. 77.

    Ibid.

  78. 78.

    Ibid.

  79. 79.

    Ibid.

  80. 80.

    Ibid.

  81. 81.

    Ibid.

  82. 82.

    De Hert p, Gutwirth S, (2006) Privacy, Data Protection and Law Enforcement . Opacity of the Individual and Transparency of Power, in Claes E, Duff A, Gutwirth S, Privacy and the Criminal Law, Antwerp-Oxford, Intersentia, pp. 61–104, in Robert Walters, Leon Trakman, Bruno Zeller, (2019) Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer.

  83. 83.

    International Organisation for Standardisation/IEC 2382–1-1993 and its successors.

  84. 84.

    Stephen Kai-yi Wong, Grooving Privacy Evolution with Law Reform and Data Ethics, 2019, https://www.pcpd.org.hk/english/news_events/media_statements/files/Paper_GroovingPrivacyEvolutionwithDataEthics_Feb2019.pdf

  85. 85.

    Walters, R., Trakman, L., Zeller, B, (2019) Data Protection Law: A Comparative Analysis of Asia-Pacific and European Approaches, Springer.

  86. 86.

    Grotto, A., Schallbruch, M, The Great Anti-China Tech Alliance, The United States and Europe will regret letting Beijing win the race to govern digital technology. https://foreignpolicy.com/2019/09/16/the-west-will-regret-letting-china-win-the-tech-race/ The authors identify four critical, mutually reinforcing factors that put China in a commanding position to influence the course of digital governance worldwide. The first factor is the size and attractiveness of its domestic market. The second factor is China’s muscular, multifaceted industrial policy. Chinese authorities tap the leverage that comes from having an attractive market to impose a variety of market access conditions on foreign companies aimed at bolstering indigenous production and innovation. The third factor is China’s ascendant innovation ecosystem, whose development over the past decade can be traced in significant part to the first two factors. The final factor is China’s creative and empowered regulatory culture. China’s regulatory apparatus has many flaws: corruption, vague rules, arbitrary enforcement, and so on. But Chinese regulators are also grappling with most of the same digital governance challenges as those in the United States, European nations, and other countries.

References

  • Chesterman, S. (2018). Data protection law in Singapore: Privacy and sovereignty in an interconnected world (2nd ed., pp. 1–9). Singapore: Academy Publishing.

    Google Scholar 

  • De Hert, P., & Gutwirth, S. (2006). Privacy, data protection and law enforcement. Opacity of the individual and transparency of power. In E. Claes, A. Duff, & S. Gutwirth (Eds.), Privacy and the Criminal Law (pp. 61–104). Antwerp/Oxford: Intersentia.

    Google Scholar 

  • Greenleaf, G. (2012). The influence of European data privacy standards outside Europe: Implications for globalisation of Convention 108, University of Edinburgh School of Law Research Paper 2012/12.

    Google Scholar 

  • Kaminski, M. (2019). Binary Governance: Lessons from the GDPR’s Approach to Algorithmic Accountability, 92 S. CAL. L. REV.

    Google Scholar 

  • Kokott, J., & Sobotta, C. (2013). The distinction between privacy and data protection in the jurisprudence of the CJEU and the ECtHR. International Data Privacy Law, 3(4), 22–228, Oxford University Press.

    Article  Google Scholar 

  • Kong, L. (2010). Enacting China’s Data Protection Act. International Journal of Law and Information Technology, 18(3), 197–226.

    Article  Google Scholar 

  • McGeveran, W. (2016). Privacy and data protection law (1st ed.). St. Paul: Foundation Press.

    Google Scholar 

  • Richards, N., & Hartzog, W. (2019). Privacy’s constitutional moment. Washington University School of Law; Yale Information Society Project. Northeastern University School of Law.

    Google Scholar 

  • Schwartz, P. (forthcoming 2019). Global Data Privacy: The E.U. Way, 94 N.Y.U. L. Rev.; Anu Bradford, The Brussels Effect, 107 Nw. U. L. Rev. 1 (2012).

    Google Scholar 

  • Walters, R., Trakman, L., & Zeller, B. (2019). Data Protection Law: A comparative analysis of Asia-Pacific and European approaches. Singapore: Springer.

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Singapore Pte Ltd.

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Walters, R., Novak, M. (2021). Data Protection. In: Cyber Security, Artificial Intelligence, Data Protection & the Law . Springer, Singapore. https://doi.org/10.1007/978-981-16-1665-5_4

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-1665-5_4

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-1664-8

  • Online ISBN: 978-981-16-1665-5

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics